Re: [PATCH] introduce CONFIG_BINFMT_ELF_AOUT

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Marcelo Tosatti <mtosatti@redhat.com>
To: Solar Designer <solar@openwall.com>
Cc: Willy Tarreau <wtarreau@hera.kernel.org>, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] introduce CONFIG_BINFMT_ELF_AOUT
Date: Sun, 20 Aug 2006 21:16:29 -0300	[thread overview]
Message-ID: <20060821001628.GC2861@dmt> (raw)
In-Reply-To: <20060819232556.GA16617@openwall.com>

On Sun, Aug 20, 2006 at 03:25:56AM +0400, Solar Designer wrote:
> Willy,
> 
> I propose the attached patch (extracted from 2.4.33-ow1) for inclusion
> into 2.4.34-pre.  (2.6 kernels could benefit from the same change, too.)
> 
> The patch adds a new compile-time option to control the support for
> "ELF binaries with a.out format interpreters or a.out libraries".
> Without this patch, such support is enabled on every system that enables
> the support for ELF binaries - although 99% (100%?) of systems don't
> need this hybrid functionality.  Moreover, this functionality poses a
> security risk - as proven in practice:
> 
> 	http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt
> 
> This uselib() vulnerability did not affect default kernel builds with
> the -ow patch specifically due to separation of the unneeded/risky code
> into CONFIG_BINFMT_ELF_AOUT and having this option disabled by default.
> (Yes, this change in -ow patches pre-dates the discovery of the uselib()
> vulnerability.)
> 
> The patch also changes CONFIG_BINFMT_AOUT to be disabled by default on
> archs that had it default to enabled.  The a.out support is similarly
> risky and not audited/hardened with the same scrutiny that the ELF
> support has received.

I dislike this change. "Make a.out configurable" is a:

- "Hide the problems" trick, making it less likely for any potential bug to
be really fixed.

- Change not suitable for v2.4 inclusion: its not fixing _any_ serious problem.

We had this discussion before, didnt we?

next prev parent reply	other threads:[~2006-08-21  0:14 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-08-19 23:25 [PATCH] introduce CONFIG_BINFMT_ELF_AOUT Solar Designer
2006-08-20  0:16 ` Willy Tarreau
2006-08-21  1:07   ` Solar Designer
2006-08-21  4:40     ` Willy Tarreau
2006-08-21  0:16 ` Marcelo Tosatti [this message]
2006-08-21  0:33   ` Solar Designer
2006-08-21  0:51     ` Marcelo Tosatti

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20060821001628.GC2861@dmt \
    --to=mtosatti@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=solar@openwall.com \
    --cc=wtarreau@hera.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.